General
Target: 49f0d9e57575c9c7bfad4e0df3054275
Size: 1.1MB
Sample: 231219-sgathaagen
MD5: 49f0d9e57575c9c7bfad4e0df3054275
SHA1: 90005e794f13d32a1b39f3cfdda90d3e8480dabb
SHA256: b27f74f1c88980fbc920bb963d9637b916ee852fe97c6b39f805c1f419a3f315
SHA512: 9c234b9bde524a7272daa52de675f357714d74c09fdb3d3189a29f958e023cf14b1b52120a1eb8283c9d2d91ef3043844c69daa8f605bebed11dfc51338ae676
SSDEEP: 24576:PmpTs9A+MvPrXRomg58Nrzq7FiEEKibvcuJLZyvYpLu3en+vdiL:Ms9KDhIcrOZUKSJ1yvYpLu3uwdiL
Static task: static1
Behavioral task: behavioral1
Sample: 49f0d9e57575c9c7bfad4e0df3054275.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 49f0d9e57575c9c7bfad4e0df3054275.exe
Resource: win10v2004-20231201-en
Malware Config
Extracted: redline
@zenvolord
185.209.22.181:34925
auth_value: 5a0918bd3e8ede8e02c8dd9d106a996d
Targets
Target: 49f0d9e57575c9c7bfad4e0df3054275
Size: 1.1MB
Score: 10/10
Signatures:
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
SectopRAT payload
Suspicious use of NtSetInformationThreadHideFromDebugger